Search

github.blog › security › web-application-security

Web application security Archives

…Code scanning and Ruby: turning source code into a queryable database A deep dive into how GitHub adds support for new languages to CodeQL. The world's largest developer platform Docs Everything…

Apr 14, 2026 · Dorothy Pearce

github.blog › changelog

CodeQL 2.25.4 adds Swift 6.3.1 support, improvements to C# and Java, and more - GitHub Changelog

…Language and framework support Swift CodeQL now supports analysis of apps built with Swift 6.3.1. C# We’ve expanded ASP and ASP.NET remote source modeling to cover additional sources…

May 12, 2026 · Allison

github.blog › changelog

GitHub Copilot in Visual Studio Code v1.110 - February release - GitHub Changelog

…Generate reusable prompts, skills, agents, and hooks directly from a conversation with /create-* commands. In addition, Copilot CLI is now included in VS Code with native support including diff tabs, trusted folder…

Mar 6, 2026

github.blog › ai-and-ml › github-copilot

A cheat sheet to slash commands in GitHub Copilot CLI

…These commands enable users who rely on keyboard shortcuts or assistive technologies to quickly discover and use Copilot features. Trust and compliance : Slash commands enhance trust by making every Copilot action explicit…

Jan 21, 2026 · Jacklyn Carroll

github.blog › open-source

Register now for OpenClaw: After Hours @ GitHub

…Open source hype man, AI whisperer, hackathon and game jam wrangler. I write && manage programs, support dev communities, and occasionally ship something. Related posts AI & ML Improving token efficiency in GitHub Agentic…

May 4, 2026 · Lee Reilly

github.blog › open-source

Open Source Archives

…Open source is hitting an “Eternal September.” As contribution friction drops, maintainers are adapting with new trust signals, triage approaches, and community-led solutions. AI-supported vulnerability triage with the GitHub Security…

May 5, 2026 · Abigail Cabunoc Mayes

github.blog › latest

The latest blogs from GitHub

…what to look for, where issues hide, and how to catch technical debt before it ships. AI & ML Validating agentic behavior when “correct” isn’t deterministic How to build the “Trust Layer…

May 7, 2026 · Landon Cox

2 sources covering this — show 1 more

• The latest on AI & ML github.blog

github.blog › security › supply-chain-security

Investing in the people shaping open source and securing the future together

…Open source maintainers deserve better support and security, and we’re listening and investing. Strengthening open source security, together Today, we are joining Anthropic, Amazon Web Services (AWS), Google, and OpenAI with…

Mar 17, 2026 · Kevin Crosby

github.blog › security › supply-chain-security

A year of open source vulnerability trends: CVEs, advisories, and malware

…considered worth the time and effort for researchers and maintainers to report. The EPSS scores for moderate to high impact vulnerabilities support this decision. So should you trust the EPSS or CVSS…

Mar 26, 2026 · Jonathan Evans